<?php

$unhtml_specialchars_match = array('#&gt;#', '#&lt;#', '#&quot;#', '#&amp;#');
$unhtml_specialchars_replace = array('>', '<', '"', '&');

define('IN_PHPBB', true);
define('BEGIN_TRANSACTION', 1);
define('END_TRANSACTION', 2);
define('BB_ROOT', './');
include(BB_ROOT ."common.php");
include(INC_DIR .'bbcode.php');
include(BB_ROOT .'warnings_common.php');

global $lang;

$add_warning = ( isset($_POST['add_warning']) || isset($_GET['add_warning']) );
$delete_warning = ( isset($_POST['delete_warning']) || isset($_GET['delete_warning']) );

if ( isset($_GET[POST_POST_URL]) || isset($_POST[POST_POST_URL]) )
{
	$post_id = (isset($_POST[POST_POST_URL])) ? intval($_POST[POST_POST_URL]) : intval($_GET[POST_POST_URL]);
}
else
{
	$post_id = '';
}

if ( isset($_GET[POST_WARNING_URL]) || isset($_POST[POST_WARNING_URL]) )
{
	$warning_id = (isset($_POST[POST_WARNING_URL])) ? intval($_POST[POST_WARNING_URL]) : intval($_GET[POST_WARNING_URL]);
}
else
{
	$warning_id = '';
}

$confirm = (isset($_POST["confirm"])) ? TRUE : 0;

if ( isset($_POST['mode']) || isset($_GET['mode']) )
{
	$mode = ( isset($_POST['mode']) ) ? $_POST['mode'] : $_GET['mode'];
	$mode = htmlspecialchars($mode);
}
else
{
		$mode = '';
}

if (!empty($_POST['sid']) || !empty($_GET['sid']))
{
	$sid = (!empty($_POST['sid'])) ? $_POST['sid'] : $_GET['sid'];
}
else
{
	$sid = '';
}

//
// Set default email variables
//
$script_name = preg_replace('/^\/?(.*?)\/?$/', '\1', trim($bb_cfg['script_path']));
$script_name = ( $script_name != '' ) ? $script_name . '/viewtopic.php' : 'viewtopic.php';
$server_name = trim($bb_cfg['server_name']);
$server_protocol = ( $bb_cfg['cookie_secure'] ) ? 'https://' : 'http://';
$server_port = ( $bb_cfg['server_port'] <> 80 ) ? ':' . trim($bb_cfg['server_port']) . '/' : '/';

$server_url = $server_protocol . $server_name . $server_port . $script_name;

//
// Start session management
//

// Start session
$user->session_start();

//$userdata = session_pagestart($user_ip);
//init_userprefs($userdata);
//
// End session management
//

// session id check
if ($sid == '' || $sid != $userdata['session_id'])
{
	message_die(GENERAL_ERROR, 'INVALID_SESSION');
}

//
// Check if user did or did not confirm
// If they did not, forward them to the last page they were on
//
if ( isset($_POST['cancel']) )
{
	if ( $post_id )
	{
		$redirect = "viewtopic.php?" . POST_POST_URL . "=$post_id";
	}
	else
	{
		$redirect = "index.php";
	}

	redirect(append_sid($redirect, true));
}

//
// Do major work ...
//
switch( $mode )
{
	case 'add_warning':
		$page_title = 'Warnings_CP';
		include(INC_DIR . 'page_header.php');


		if ( !empty($post_id) )
		{
			$sql = "SELECT t.forum_id, p.poster_id FROM " . BB_TOPICS . " t, " . BB_POSTS . " p WHERE t.topic_id = p.topic_id AND p.post_id = " . $post_id;
			$result = DB()->sql_query($sql) or message_die(GENERAL_MESSAGE, 'Topic_post_not_exist');
			$row = DB()->sql_fetchrow($result) or message_die(GENERAL_MESSAGE, 'Topic_post_not_exist');

			$forum_id = $row['forum_id'];
			$user_id = $row['poster_id'];
		}
		else
		{
			message_die(GENERAL_MESSAGE, 'TOPIC_POST_NOT_EXIST');
		}

		//
		// Start auth check
		//
		$is_auth = auth(AUTH_ALL, $forum_id, $userdata);

		if ( !$is_auth['auth_mod'] )
		{
			message_die(GENERAL_MESSAGE, $lang['NOT_MODERATOR'], $lang['NOT_AUTHORISED']);
		}
		//
		// End Auth Check
		//

		if ( $user_id == ANONYMOUS )
		{
			message_die(GENERAL_ERROR, 'NO_WARNING_FOR_USER');
		}

		$sql = "SELECT * FROM " . BB_USERS . " WHERE user_id='$user_id'";
		$result = DB()->sql_query($sql) or	message_die(GENERAL_ERROR, 'Could not insert warning information', '', __LINE__, __FILE__, $sql);
		$row = DB()->sql_fetchrow($result) or message_die(GENERAL_MESSAGE, 'User_not_exist');

		if ( in_array($row['user_level'], array(ADMIN,MOD)) )
		{
			message_die(GENERAL_ERROR, 'NO_WARNING_FOR_USER');
		}

		if ( $row['user_banned'] )
		{
			message_die(GENERAL_ERROR, 'BAN_RECEIVED_FOR_THIS_POST');
		}

		if ( $userdata['user_level'] != ADMIN )
		{
			$sql = "SELECT * FROM " . BB_WARNINGS . " WHERE warning_post_id = '$post_id'";
			$result = DB()->sql_query($sql) or message_die(GENERAL_ERROR, 'Could not get warning information', '', __LINE__, __FILE__, $sql);

			if ( DB()->num_rows($result) )
			{
				$check_row = DB()->sql_fetchrow($result)  or message_die(GENERAL_ERROR, 'COULD NOT GET WARNING INFORMATION');

				if ( $check_row['warning_poster_id'] != $userdata['user_id'] )
				{
					message_die(GENERAL_MESSAGE, 'WARNING_RECEIVED_FOR_THIS_POST');
				}

			}
		}

		if ( $row['user_warnings'] >= $bb_cfg['warnings_per_ban'] )
		{
			message_die(GENERAL_ERROR, 'WARNINGS_LIMIT_REACHED');
		}

		if ( isset($_POST['add_warning']) )
		{
			$warning_type = isset($_POST['warning_type']) ? intval($_POST['warning_type']) : 0;
			$warning_time = isset($_POST['warning_time']) ? intval($_POST['warning_time']) : 0;
			$warning_text = isset($_POST['warning_text']) ? $_POST['warning_text'] : '';

 			if ( empty($warning_type) || empty($warning_time) || empty($warning_text) )
 			{
 				message_die(GENERAL_MESSAGE, 'WARNINGS_NOT_ENOUGH_PARAMS');
 			}

 			if ( ( ( $warning_time < 0 ) && ( $warning_time != WARNING_INFINITY ) ) || !in_array($warning_type, array(WARNING_TYPE_WARNING, WARNING_TYPE_BAN)) )
 			{
 				message_die(GENERAL_MESSAGE, 'WARNINGS_WRONG_PARAMS');
 			}
 			$sql = "SELECT w.*, wt.* FROM " .  BB_WARNINGS . " w, " . BB_WARNINGS_TEXT . " wt WHERE w.warning_user_id = '$user_id' AND wt.warning_id = w.warning_id ORDER BY w.warning_posted DESC LIMIT 1";
			$result = DB()->sql_query($sql) or	message_die(GENERAL_ERROR, 'COULD NOT CHECK WARNING INFORMATION', '', __LINE__, __FILE__, $sql);

			if ( DB()->num_rows($result) )
			{
				$check_row = DB()->sql_fetchrow($result) or message_die(GENERAL_MESSAGE, 'Error checking warning information');
				$check_time = ( $check_row['warning_expires'] != WARNING_INFINITY ) ? $check_row['warning_expires'] - $check_row['warning_posted'] : $check_row['warning_expires'];
				$check_text = stripslashes($warning_text);

				if (
					( $check_row['warning_type'] == $warning_type ) &&
					( $check_row['warning_post_id'] == $post_id ) &&
					( $check_row['warning_user_id'] == $user_id ) &&
					( $check_row['warning_poster_id'] == $userdata['user_id'] ) &&
					( $check_time == $warning_time ) &&
					( $check_row['warning_text'] == $check_text )
					)
					{
						message_die(GENERAL_MESSAGE, 'WARNING_WITH_THIS_DATA_ALREADY_GIVEN');
					}
			}



 			$current_time = time();
 			$warning_expires = ( $warning_time != WARNING_INFINITY ) ? $current_time + $warning_time : $warning_time;

			$sql = "INSERT INTO " . BB_WARNINGS . " (warning_id, warning_type, warning_post_id, warning_user_id, warning_poster_id, warning_posted, warning_expires) VALUES('', '$warning_type', '$post_id', '$user_id', '" . $userdata['user_id'] . "', '$current_time', '$warning_expires')";
			DB()->sql_query($sql, BEGIN_TRANSACTION) or message_die(GENERAL_ERROR, 'COULD NOT INSERT WARNING INFORMATION', '', __LINE__, __FILE__, $sql);

			$warning_id = DB()->sql_nextid();
			$bbcode_uid = '';
			$warning_text = str_replace("\'", "''", $warning_text);

			$sql = "INSERT INTO " . BB_WARNINGS_TEXT . " (warning_id, bbcode_uid, warning_text) VALUES('$warning_id', '$bbcode_uid', '$warning_text')";
			DB()->sql_query($sql) or	message_die(GENERAL_ERROR, 'Could not insert warning information', '', __LINE__, __FILE__, $sql);

			if ( ( $warning_type >= WARNING_TYPE_WARNING && ($row['user_warnings'] + 1) == $bb_cfg['warnings_per_ban'] ) || ( $warning_type == WARNING_TYPE_BAN ) )
			{
				$sql = "DELETE FROM " . BB_SESSIONS . " WHERE session_user_id = " . $user_id;
				DB()->sql_query($sql) or message_die(GENERAL_ERROR, 'Could not update session information', '', __LINE__, __FILE__, $sql);
			}

			switch ( $warning_type )
			{
				case WARNING_TYPE_WARNING:
					$sql = "UPDATE " . BB_USERS . " SET user_warnings = user_warnings + 1 WHERE user_id = '$user_id'";
					break;

				case WARNING_TYPE_BAN:
					$sql = "UPDATE " . BB_USERS . " SET user_banned = 1 WHERE user_id = '$user_id'";
					break;
			}

			DB()->sql_query($sql, END_TRANSACTION) or message_die(GENERAL_ERROR, 'COULD NOT UPDATE USER WARNINGS/BAN INFORMATION', '', __LINE__, __FILE__, $sql);

			switch ( $warning_type )
			{
				case WARNING_TYPE_WARNING:
					$email_template = 'warnings_warning';
					$email_subject = $lang['YOU_RECEIVED_WARNING'];
				break;

				case WARNING_TYPE_BAN:
					$email_template = 'warnings_ban';
					$email_subject = $lang['YOU_RECEIVED_BAN'];
				break;
			}
			
			$email_now_warnings =  ( $warning_type == WARNING_TYPE_WARNING ) ? ($row['user_warnings'] + 1) : $row['user_warnings'];
			$email_warning_expires =  ( $warning_expires == WARNING_INFINITY ) ? $lang['wt_infinity'] : bb_date($bb_cfg['default_dateformat'], $warning_expires, $row['user_timezone']);
			if ( $warning_type == WARNING_TYPE_WARNING && ($row['user_warnings'] + 1) < $bb_cfg['warnings_per_ban'] )
			{
				$warnings_information = sprintf($lang['TOTAL_WARN'], $email_now_warnings, $bb_cfg['warnings_per_ban']);
			}
			else
			{
				$warnings_information = '';
			}

			include(BB_ROOT .'includes/emailer.class.php');
			$emailer = new emailer($bb_cfg['smtp_delivery']);

			$emailer->from($bb_cfg['board_email']);
			$emailer->replyto($bb_cfg['board_email']);
			$emailer->use_template($email_template, stripslashes($row['user_lang']));
			$emailer->email_address($row['user_email']);
			$emailer->set_subject(sprintf($email_subject, $bb_cfg['sitename']));

			$emailer->assign_vars(array(
				'SITENAME' => $bb_cfg['sitename'],
				'EMAIL_SIG' => (!empty($bb_cfg['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $bb_cfg['board_email_sig']) : '',
				'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $row['username']), 0, 25)),
				'POST_URL' => $server_url . '?' . POST_POST_URL . '=' . $post_id . '#' . $post_id,
				'WARNING_REASON' => $warning_text,
				'WARNING_EXPIRES' => $email_warning_expires,
				'WARNINGS_INFORMATION' => $warnings_information,
				'WARNINGS' => $lang['WARNINGS'],
				'TOTAL_WARN' => $lang['TOTAL_WARNS'],
				'WARNER' => $userdata['username']
				)
			);

			$emailer->send();
			$emailer->reset();

			if ( $warning_type >= WARNING_TYPE_WARNING && ($row['user_warnings'] + 1) == $bb_cfg['warnings_per_ban'] )
			{
				$sql = "SELECT * FROM " . BB_WARNINGS . " WHERE warning_user_id = " . $user_id . " AND warning_proceed = 0 AND warning_expires != " . WARNING_INFINITY . " AND warning_type = '" . WARNING_TYPE_WARNING . "' ORDER BY warning_expires ASC LIMIT 1";
				$result = DB()->sql_query($sql) or message_die(GENERAL_ERROR, 'COULD NOT GET WARNING INFORMATION', '', __LINE__, __FILE__, $sql);

				if ( DB()->num_rows($result) )
				{
					$warning_row = DB()->sql_fetchrow($result);
					$email_warning_expires = bb_data($bb_cfg['default_dateformat'], $warning_row['warning_expires'], $row['user_timezone']);
				}
				else
				{
					$email_warning_expires = $lang['wt_infinity'];
				}

				$emailer->from($bb_cfg['board_email']);
				$emailer->replyto($bb_cfg['board_email']);

				$emailer->use_template('warnings_ban_by_warnings', stripslashes($row['user_lang']));
				$emailer->email_address($row['user_email']);
				$emailer->set_subject( sprintf($lang['YOU_RECEIVED_BAN'], $bb_cfg['sitename']));

				$emailer->assign_vars(array(
					'SITENAME' => $bb_cfg['sitename'],
					'EMAIL_SIG' => (!empty($bb_cfg['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $bb_cfg['board_email_sig']) : '',
					'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $row['username']), 0, 25)),
					'WARNING_EXPIRES' => $email_warning_expires
					)
				);

				$emailer->send();
				$emailer->reset();
			}

			$redirect = append_sid('viewtopic.php?' . POST_POST_URL . '=' . $post_id);
			$l_redirect = sprintf($lang['CLICK_RETURN_TOPIC'], '<a href="' . $redirect . '">', '</a>');

			$template->assign_vars(array(
				'META' => '<meta http-equiv="refresh" content="3;url=' . $redirect . '">')
			);

			message_die(GENERAL_MESSAGE, $lang['WARNING_SUCCESSFULLY_ADDED'] . '<br /><br />' . $l_redirect);
		}
		else
		{
			//
			// Set template files
			//
			$template->set_filenames(array(
				'body' => 'warnings_posting_body.tpl')
			);

			$hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" /><input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '"><input type="hidden" name="mode" value="' . $mode . '" />';

			$warning_time_values = array(1, 3, 5, 7, 14, 30);

			$warning_time_select = '<select name="warning_time">';
			
			$warning_time_select .= '<option value="' . WARNING_INFINITY . '">' . $lang['WT_INFINITY'] . '</option>';

			for($i = 0; $i < count($warning_time_values); $i++)
			{
				$warning_time_select .= '<option value="' . ($warning_time_values[$i] * 86400) . '">' . $lang['WT_' . $warning_time_values[$i]] . '</option>';
			}
			$warning_time_select .= '</select>';

			$template->assign_vars(array(
				'WARNING_TYPE_1_CHECKED' => 'checked="checked"',
				'WARNING_TYPE_2_CHECKED' => '',
				'WARNING_TEXT' => '',
				'S_WARNING_TIME' => $warning_time_select,
				'S_WARNING_ACTION' => append_sid("warnings.php"),
				'S_HIDDEN_FIELDS' => $hidden_fields)
			);

			$template->pparse('body');

			include(BB_ROOT . 'includes/page_footer.php');
		}
		break;


	case 'edit_warning':
		$page_title = $lang['WARNINGS_CP'];
		include(BB_ROOT . 'includes/page_header.php');

		//
		// Start auth check
		//
		if ( !in_array($userdata['user_level'], array(ADMIN,MOD)) )
		{
			message_die(GENERAL_MESSAGE, $lang['NOT_MODERATOR'], $lang['NOT_AUTHORISED']);
		}
		//
		// End Auth Check
		//

		$sql = "SELECT w.*, wt.*, u.* FROM " . BB_WARNINGS . " w, " . BB_WARNINGS_TEXT . " wt, " . BB_USERS . " u WHERE w.warning_id = '$warning_id' AND wt.warning_id = w.warning_id AND u.user_id = w.warning_user_id";
		$result = DB()->sql_query($sql) or message_die(GENERAL_ERROR, 'Could not get warning information', '', __LINE__, __FILE__, $sql);
		$row = DB()->sql_fetchrow($result)  or message_die(GENERAL_ERROR, 'COULD NOT GET WARNING INFORMATION');

		$user_id = $row['warning_user_id'];
		$post_id = $row['warning_post_id'];

		if ( $userdata['user_level'] != ADMIN )
		{
			if ( $row['warning_poster_id'] != $userdata['user_id'] )
			{
				message_die(GENERAL_MESSAGE, 'WARNING_CANNOT_PROCESS_NOT_YOURS');
			}
		}

		if ( isset($_POST['add_warning']) )
		{
			$warning_type = isset($_POST['warning_type']) ? intval($_POST['warning_type']) : 0;
			$warning_time = isset($_POST['warning_time']) ? intval($_POST['warning_time']) : 0;
			$warning_text = isset($_POST['warning_text']) ? $_POST['warning_text'] : '';

 			if ( empty($warning_type) || empty($warning_time) || empty($warning_text) )
 			{
 				message_die(GENERAL_MESSAGE, 'WARNINGS_NOT_ENOUGH_PARAMS');
 			}

 			if ( ( ( $warning_time < 0 ) && ( $warning_time != WARNING_INFINITY ) ) || !in_array($warning_type, array(WARNING_TYPE_WARNING, WARNING_TYPE_BAN)) )
 			{
 				message_die(GENERAL_MESSAGE, 'WARNINGS_WRONG_PARAMS');
 			}
 			

 			$warning_expires = ( $warning_time != WARNING_INFINITY ) ? $row['warning_posted'] + $warning_time : $warning_time;
			$warning_text = str_replace("\'", "''", $warning_text);

			$sql = "UPDATE " . BB_WARNINGS . " SET warning_type = '$warning_type', warning_expires = '$warning_expires' WHERE warning_id = '$warning_id'";
			DB()->sql_query($sql, BEGIN_TRANSACTION) or message_die(GENERAL_ERROR, 'COULD NOT UPDATE WARNING INFORMATION', '', __LINE__, __FILE__, $sql);

			if ( $warning_type == WARNING_TYPE_BAN )
			{
				$sql = "DELETE FROM " . BB_SESSIONS . " WHERE session_user_id = " . $user_id;
				DB()->sql_query($sql) or message_die(GENERAL_ERROR, 'COULD NOT UPDATE SESSION INFORMATION', '', __LINE__, __FILE__, $sql);
			}

			if ( $row['warning_type'] != $warning_type )
			{
				switch ( $row['warning_type'] )
				{
					case WARNING_TYPE_WARNING:
						$sql = "UPDATE " . BB_USERS . " SET user_warnings = user_warnings - 1 WHERE user_id = '$user_id'";
					break;

					case WARNING_TYPE_BAN:
						$sql = "UPDATE " . BB_USERS . " SET user_banned = 0 WHERE user_id = '$user_id'";
					break;
				}

				DB()->sql_query($sql) or message_die(GENERAL_ERROR, 'COULD NOT UPDATE USER INFORMATION', '', __LINE__, __FILE__, $sql);

				switch ( $warning_type )
				{
					case WARNING_TYPE_WARNING:
						$sql = "UPDATE " . BB_USERS . " SET user_warnings = user_warnings + 1 WHERE user_id = '$user_id'";
					break;

					case WARNING_TYPE_BAN:
						$sql = "UPDATE " . BB_USERS . " SET user_banned = 1 WHERE user_id = '$user_id'";
					break;
				}


				DB()->sql_query($sql) or message_die(GENERAL_ERROR, 'COULD NOT UPDATE USER INFORMATION', '', __LINE__, __FILE__, $sql);

				$email_template = 'warnings_type_changed';

				switch ( $warning_type )
				{
					case WARNING_TYPE_WARNING:
						$email_subject = $lang['YOU_RECEIVED_WARNING'];
						$email_change_text = $lang['BAN_CHANGED_TO_WARNING'];
					break;

					case WARNING_TYPE_BAN:
						$email_subject = $lang['YOU_RECEIVED_BAN'];
						$email_change_text = $lang['WARNING_CHANGED_TO_BAN'];
					break;
				}

				$lang_key = 'Warning_type_changed_' . $row['warning_type'] . $warning_type;
				$email_change_text = $lang[$lang_key];


				include(BB_ROOT .'includes/emailer.class.php');
				$emailer = new emailer($bb_cfg['smtp_delivery']);

				$emailer->from($bb_cfg['board_email']);
				$emailer->replyto($bb_cfg['board_email']);

				$emailer->use_template($email_template, stripslashes($row['user_lang']));
				$emailer->email_address($row['user_email']);
				$emailer->set_subject(sprintf($email_subject, $bb_cfg['sitename']));

				$emailer->assign_vars(array(
					'SITENAME' => $bb_cfg['sitename'],
					'EMAIL_SIG' => (!empty($bb_cfg['board_email_sig'])) ? str_replace('<br />', "\n", "-- \n" . $bb_cfg['board_email_sig']) : '',
					'USERNAME' => preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, substr(str_replace("\'", "'", $row['username']), 0, 25)),
					'POST_URL' => $server_url . '?' . POST_POST_URL . '=' . $post_id . '#' . $post_id,
					'WARNING_SUBJECT' => sprintf($email_subject, $bb_cfg['sitename']),
					'WARNING_CHANGE_TEXT' => $email_change_text
					)
				);

				$emailer->send();
				$emailer->reset();
			}

			$sql = "UPDATE " . BB_WARNINGS_TEXT . " SET warning_text = '$warning_text' WHERE warning_id = '$warning_id'";
			DB()->sql_query($sql, END_TRANSACTION) or message_die(GENERAL_ERROR, 'Could not update user warning text information', '', __LINE__, __FILE__, $sql);

			$redirect = append_sid('viewtopic.php?' . POST_POST_URL . '=' . $post_id);
			$l_redirect = sprintf($lang['CLICK_RETURN_TOPIC'], '<a href="' . $redirect . '">', '</a>');

			$template->assign_vars(array(
				'META' => '<meta http-equiv="refresh" content="3;url=' . $redirect . '">')
			);

			message_die(GENERAL_MESSAGE, $lang['WARNING_SUCCESSFULLY_EDITED'] . '<br /><br />' . $l_redirect);
		}
		else
		{
			//
			// Set template files
			//
			$template->set_filenames(array(
				'body' => 'warnings_posting_body.tpl')
			);

			$hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" /><input type="hidden" name="' . POST_POST_URL . '" value="' . $post_id . '"><input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_WARNING_URL . '" value="' . $warning_id . '" />';

			$warning_time_values = array(1, 3, 5, 7, 14, 30);

			$warning_time_select = '<select name="warning_time">';
			$warning_time_select .= '<option value="' . WARNING_INFINITY . '">' . $lang['WT_INFINITY'] . '</option>';

			for($i = 0; $i < count($warning_time_values); $i++)
			{
				$warning_time_select .= '<option value="' . ($warning_time_values[$i] * 86400) . '"' . ( ( ( $row['warning_expires'] - $row['warning_posted'] ) == ( $warning_time_values[$i] * 86400 ) ) ? ' selected="selected"' : '' ) .'>' . $lang['wt_' . $warning_time_values[$i]] . '</option>';
			}
			$warning_time_select .= '</select>';

			$template->assign_vars(array(
				'WARNING_TYPE_1_CHECKED' => $row['warning_type'] == ( WARNING_TYPE_WARNING ) ? 'checked="checked"' : '',
				'WARNING_TYPE_2_CHECKED' => $row['warning_type'] == ( WARNING_TYPE_BAN ) ? 'checked="checked"' : '',
				'WARNING_TEXT' => $row['warning_text'],

				'S_WARNING_TIME' => $warning_time_select,
				'S_WARNING_ACTION' => append_sid("warnings.php"),
				'S_HIDDEN_FIELDS' => $hidden_fields)
			);

			$template->pparse('body');

			include(BB_ROOT . 'includes/page_footer.php');
		}
		break;

	case 'remove_warning':
	case 'delete_warning':
		$page_title = $lang['MOD_CP'];
		include(BB_ROOT . 'includes/page_header.php');

		//
		// Start auth check
		//
		if ( !in_array($userdata['user_level'], array(ADMIN,MOD)) )
		{
			message_die(GENERAL_MESSAGE, $lang['NOT_MODERATOR'], $lang['NOT_AUTHORISED']);
		}
		//
		// End Auth Check
		//

 		if ( empty($warning_id) )
 		{
 			message_die(GENERAL_MESSAGE, 'WARNINGS_NOT_ENOUGH_PARAMS');
 		}

		$sql = "SELECT * FROM " . BB_WARNINGS . " WHERE warning_id = '$warning_id'";
		$result = DB()->sql_query($sql) or message_die(GENERAL_ERROR, 'Could not get warning information', '', __LINE__, __FILE__, $sql);
		$row = DB()->sql_fetchrow($result)  or message_die(GENERAL_ERROR, 'Could not get warning information');

		if ( $userdata['user_level'] != ADMIN )
		{
			if ( $row['warning_poster_id'] != $userdata['user_id'] )
			{
				message_die(GENERAL_MESSAGE, 'WARNING_CANNOT_PROCESS_NOT_YOURS');
			}
		}

		if ( $mode == 'remove_warning' && $row['warning_expires'] != WARNING_INFINITY && $row['warning_expires'] < time() )
		{
				message_die(GENERAL_MESSAGE, 'WARNING_CANNOT_REMOVE_EXPIRED');
		}

		if ( $confirm )
		{
  			if ( empty($warning_id) )
			{
				message_die(GENERAL_MESSAGE, $lang['NONE_SELECTED']);
			}

			if ( $mode == 'remove_warning' )
			{
				$sql = "UPDATE " . BB_WARNINGS . " SET warning_expires = " . time() . " WHERE warning_id = '$warning_id'";
				DB()->sql_query($sql) or message_die(GENERAL_ERROR, 'Could not remove warning information', '', __LINE__, __FILE__, $sql);

				$l_action = $lang['WARNING_REMOVED'];
			}
			else if ( $mode == 'delete_warning' )
			{
				if ( !$row['warning_proceed'] )
				{
					switch ( $row['warning_type'] )
					{
						case WARNING_TYPE_WARNING:
							$sql = "UPDATE " . BB_USERS . " SET user_warnings = user_warnings - 1 WHERE user_id = '" . $row['warning_user_id'] . "'";
						break;

						case WARNING_TYPE_BAN:
							$sql = "UPDATE " . BB_USERS . " SET user_banned = 0 WHERE user_id = '" . $row['warning_user_id'] . "'";
						break;
					}

					DB()->sql_query($sql, BEGIN_TRANSACTION) or message_die(GENERAL_ERROR, 'Could not delete warning information', '', __LINE__, __FILE__, $sql);
				}

				$sql = "DELETE FROM " . BB_WARNINGS . " WHERE warning_id = '$warning_id'";
				DB()->sql_query($sql, BEGIN_TRANSACTION) or message_die(GENERAL_ERROR, 'Could not delete warning information', '', __LINE__, __FILE__, $sql);

				$sql = "DELETE FROM " . BB_WARNINGS_TEXT . " WHERE warning_id = '$warning_id'";
				DB()->sql_query($sql, END_TRANSACTION) or message_die(GENERAL_ERROR, 'Could not delete warning information', '', __LINE__, __FILE__, $sql);

				$l_action = $lang['WARNING_DELETED'];
			}

			$redirect = append_sid('profile.php?mode=viewprofile&amp;' . POST_USERS_URL . '=' . $row['warning_user_id']);
			$l_redirect = sprintf($lang['CLICK_RETURN_PROFILE'], '<a href="' . $redirect . '">', '</a>');

/*
			$template->assign_vars(array(
				'META' => '<meta http-equiv="refresh" content="3;url=' . $redirect . '">')
			);
*/

			message_die(GENERAL_MESSAGE, $l_action . '<br /><br />' . $l_redirect);
		}
		else
		{
			// Not confirmed, show confirmation message
  			if ( empty($warning_id) )
			{
				message_die(GENERAL_MESSAGE, $lang['NONE_SELECTED']);
			}

			if ( $mode == 'remove_warning' )
			{
				$l_action = $lang['CONFIRM_REMOVE_WARNING'];
			}
			else if ( $mode == 'delete_warning' )
			{
				$l_action = $lang['CONFIRM_DELETE_WARNING'];
			}

			$hidden_fields = '<input type="hidden" name="sid" value="' . $userdata['session_id'] . '" /><input type="hidden" name="mode" value="' . $mode . '" /><input type="hidden" name="' . POST_WARNING_URL . '" value="' . $warning_id . '" />';

			//
			// Set template files
			//
			$template->set_filenames(array(
				'confirm' => 'confirm_body.tpl')
			);

			$template->assign_vars(array(
				'MESSAGE_TITLE' => $lang['CONFIRM'],
				'MESSAGE_TEXT' => $l_action,

				'S_CONFIRM_ACTION' => append_sid("warnings.php"),
				'S_HIDDEN_FIELDS' => $hidden_fields)
			);

			$template->pparse('confirm');

			include(INC_DIR . 'page_footer.php');
		}
		break;

	default:
		$page_title = $lang['MOD_CP'];
		include(INC_DIR . 'page_header.php');

		break;
}

include(INC_DIR . 'page_footer.php');

?>